Topics from Practice Tests Flashcards
What is Lambda SnapStart
AWS Lambda SnapStart is a feature designed to improve the startup performance of AWS Lambda functions, specifically those written in Java. SnapStart reduces the cold start latency that can occur when a Lambda function is invoked for the first time or after a period of inactivity.
AWS Cost Anomaly Detection
An AWS Cost Management feature that uses machine learning models to detect and alert on anomalous spend patterns in your deployed AWS services.
AWS Control Tower
AWS Control Tower is a high-level service offering a straightforward way to set up and govern an AWS multi-account environment, following prescriptive best practices. AWS Control Tower orchestrates the capabilities of several other AWS services, including AWS Organizations, AWS Service Catalog, and AWS IAM Identity Center, to build a landing zone in less than an hour.
Name Custom CloudWatch Metrics (MDDPL)
– Memory utilization
– Disk swap utilization
– Disk space utilization
– Page file utilization
– Log collection
FSx for Lustre
Amazon FSx for Lustre for the first requirement, as it provides a high-performance, parallel file system for hot data.
Evaluate
100 All Traffic Allow
200 All Traffic Deny
* All Traffic Deny
The request above will be allowed. Rules are evaluated starting from the lowest rule number.
True or False - RDS is used for OLTP
True - RDS is mainly used for On-Line Transaction Processing (OLTP) applications and not for Online Analytics Processing (OLAP)
What is RedShift
Amazon Redshift is a fully-managed, petabyte-scale data warehouse service in the Cloud. An Amazon Redshift data warehouse is a collection of computing resources called nodes, which are organized into a group called a cluster. Each cluster runs an Amazon Redshift engine and contains one or more databases.
Explain Cognito
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password or through a third party such as Facebook, Amazon, Google, or Apple. The two main components of Amazon Cognito are user pools and identity pools.
Explain HSM
The AWS CloudHSM service helps you meet corporate, contractual, and regulatory compliance requirements for data security by using dedicated Hardware Security Module (HSM) instances within the AWS cloud.
Explain Audit Manager
AWS Audit Manager is an automated service that produces reports specific to auditors for PCI compliance, GDPR, and more.
True or False - You can change security groups if an instance is already running
True - After you launch an instance into a VPC, you can change the security groups that are associated with the instance. You can change the security groups for an instance when the instance is in the running or stopped state.
Explain Configuration of NACL
The default configuration of the default NACL is Allow, and the default configuration of a custom NACL is Deny.
True or False - Network ACLs are stateless, and security groups are stateful.
True
Explain Load Balancing and Instances
The load balancer routes requests only to the healthy instances. When the load balancer determines that an instance is unhealthy, it stops routing requests to that instance. The load balancer resumes routing requests to the instance when it has been restored to a healthy state.
Explain Multi AZ Deployment
SYNCHRONOUS
Amazon RDS Multi-AZ deployments provide enhanced availability and durability for RDS database (DB) instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In case of an infrastructure failure, Amazon RDS performs an automatic failover to the standby (or to a read replica in the case of Amazon Aurora), so that you can resume database operations as soon as the failover is complete. Since the endpoint for your DB instance remains the same after a failover, your application can resume database operation without the need for manual administrative intervention.
In RDS Multi-AZ, when a change is made to the primary database, that change must be successfully written to the standby instance before the transaction is considered committed.
Asynchronous replication means that the primary database does not wait for the standby to acknowledge receipt of the data.
AppFlow
AppFlow offers a fully managed service for easily automating the exchange of data between SaaS vendors and AWS services like Amazon S3.
Authenticate with Cognito
Step 1 - Authenticate and get tokens. Step 2 - Exchange tokens and get AWS credentials. Step 3 - Access AWS services using credentials.
Grafana
Grafana is an open-source platform used for monitoring, visualization, and analysis of metrics and logs in real-time.
Prometheus
Amazon Managed Service for Prometheus (AMP) is a fully managed, scalable, and secure monitoring service based on the open-source Prometheus project. It is designed to collect, store, and query metrics from containerized applications and infrastructure at scale.
EKS Distro
EKS Distro allows you to use, on-premises, the best practices and established processes that Amazon EKS uses in AWS.
QLDB
Best for financial, supply chain management, health records, and regulatory use cases
Amazon Quantum Ledger Database (QLDB)
This is an immutable and cryptographically verifiable database and would be the best solution.
True or False
Kinesis Data Streams can be used to continuously collect data about player-game interactions and feed the data into your gaming platform. With Kinesis Data Streams, you can design a game that provides engaging and dynamic experiences based on players’ actions and behaviors.
True
Scale In
Remove instance from the oldest launch configuration
Which action will not cause the data to be deleted on an instance store volume?
reboot
AWS Transcribe
Amazon Transcribe is an AWS service that provides automatic speech recognition (ASR) to convert audio input into text.
AWS Lex
Amazon Lex is a service provided by AWS that allows developers to build conversational interfaces using voice and text.
AWS Polly
Amazon Polly is a service from AWS that turns text into lifelike speech.
AWS Comprehend
Amazon Comprehend is a natural language processing (NLP) service provided by AWS that uses machine learning to uncover insights and relationships in text.
AWS Translate
Amazon Translate is a neural machine translation service provided by AWS that allows developers to easily translate text between different languages.
AWS Rekognition
Rekognition is designed to automatically detect objects, scenes, and faces, recognize celebrities, and provide facial analysis and facial search capabilities.
Explain VPN Connection
It provides a connection between an on-premises network and a VPC, using a secure and private connection with IPsec and TLS.
True or False: Messages in the SQS queue will continue to exist even after the EC2 instance has processed them, until you delete them.
True
API Gateway Throttling
Amazon API Gateway provides throttling at multiple levels including global and by service call. Throttling limits can be set for standard rates and bursts.
VPC Flow Logs
Amazon VPC Flow Logs is a feature provided by AWS that enables you to capture information about the IP traffic going to and from network interfaces in your Virtual Private Cloud (VPC).
Systems Manager vs. Organizations vs. Control Tower
AWS Control Tower builds on top of Organizations to provide a more comprehensive governance framework, automatically enforcing security best practices and compliance controls across your accounts. AWS Systems Manager focuses on managing and automating operations on individual servers and instances across your AWS environment, regardless of the account structure within Organizations. Essentially, Control Tower provides a higher level of centralized management with pre-defined security policies, whereas Systems Manager is more focused on day-to-day operational tasks on individual systems.